CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3022 matches found

RedhatCVE•added 2025/12/10 8:36 a.m.•3 views

CVE-2025-41696

An attacker can use an undocumented UART port on the PCB as a side-channel with the user hardcoded credentials obtained from CVE-2025-41692 to gain read access to parts of the filesystem of the device...

6.8CVSS6.9AI score0.00027EPSS

Exploits0References1

Vulnrichment•added 2025/12/10 12:0 a.m.•2 views

CVE-2025-65823

The Meatmeet Pro was found to be shipped with hardcoded Wi-Fi credentials in the firmware, for the test network it was developed on. If an attacker retrieved this, and found the physical location of the Wi-Fi network, they could gain unauthorized access to the Wi-Fi network of the vendor...

6.3AI score0.00071EPSS

Exploits0References2

CVE•added 2025/12/10 12:0 a.m.•10 views

CVE-2025-65823

CVE-2025-65823 affects the Meatmeet Pro device. The firmware reportedly ships with hardcoded Wi‑Fi credentials from its test network, enabling an attacker who obtains these credentials to gain unauthorized access to the vendor’s Wi‑Fi network. Additionally, a nearby attacker during initial setup ...

9.8CVSS6.3AI score0.00071EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2025/12/10 12:0 a.m.•3 views

PT-2025-50498

Name of the Vulnerable Software and Affected Versions Meatmeet Pro affected versions not specified Description The Meatmeet Pro device was shipped with hardcoded Wi-Fi credentials intended for its test network. An attacker obtaining these credentials and locating the vendor’s Wi-Fi network could...

9.8CVSS6.6AI score0.00071EPSS

Exploits0References6

OSV•added 2025/12/09 4:17 p.m.•2 views

CVE-2025-41696

4.6CVSS5.8AI score

Exploits0References1

NVD•added 2025/12/09 4:17 p.m.•1 views

CVE-2025-41696

4.6CVSS0.00021EPSS

Exploits0References1

Vulnrichment•added 2025/12/09 8:13 a.m.•3 views

CVE-2025-41696 Hardcoded User Password

4.6CVSS6.5AI score0.00021EPSS

Exploits0References1

CVE•added 2025/12/09 8:13 a.m.•7 views

CVE-2025-41696

CVE-2025-41696 describes an attack where an attacker can use an undocumented UART port on the PCB as a side-channel, leveraging user credentials obtained from CVE-2025-41692 to gain read access to parts of the device filesystem. Public Red Hat and EUVD entries corroborate the UART side-channel ve...

4.6CVSS6.2AI score0.00021EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2025/12/09 12:0 a.m.•3 views

PT-2025-49815

6.8CVSS6.9AI score0.00027EPSS

Exploits0References1

CNNVD•added 2025/12/09 12:0 a.m.•2 views

Phoenix Contact FL SWITCH 信任管理问题漏洞

The PHOENIX CONTACT FL SWITCH is an industrial grade Ethernet switch from PHOENIX CONTACT, Germany. A trust management issue vulnerability exists in Phoenix Contact FL SWITCH versions prior to 3.50, which stems from undocumented UART ports and hardcoded credentials that could result in a partial...

4.6CVSS8.7AI score0.00021EPSS

Exploits0References1

RedhatCVE•added 2025/12/08 12:15 p.m.•9 views

CVE-2025-14126

A vulnerability has been found in TOZED ZLT M30S and ZLT M30S PRO 1.47/3.09.06. Affected is an unknown function of the component Web Interface. Such manipulation leads to hard-coded credentials. The attack needs to be initiated within the local network. The exploit has been disclosed to the publi...

8.8CVSS6AI score0.00038EPSS

Exploits0References1

Vulnrichment•added 2025/12/06 10:2 a.m.•1 views

CVE-2025-14126 TOZED ZLT M30S/ZLT M30S PRO Web hard-coded credentials

8.8CVSS5.8AI score0.00038EPSS

Exploits0References4

EUVD•added 2025/12/05 6:31 p.m.•2 views

EUVD-2025-201412

Authentication Bypass via Hardcoded Credentials GoAway up to v0.62.18, fixed in 0.62.19, uses a hardcoded secret for signing JWT tokens used for authentication...

6.4AI score0.00394EPSS

Exploits1References10

RedhatCVE•added 2025/12/05 12:9 a.m.•12 views

CVE-2025-29268

ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library...

9.8CVSS7.2AI score0.00105EPSS

Exploits1References1

Vulnrichment•added 2025/12/05 12:0 a.m.•2 views

CVE-2025-65730

Authentication Bypass via Hardcoded Credentials GoAway up to v0.62.18, fixed in 0.62.19, uses a hardcoded secret for signing JWT tokens used for authentication...

6.5AI score0.00394EPSS

Exploits1References9

EUVD•added 2025/12/04 9:31 p.m.•3 views

EUVD-2025-201251

ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library...

6.7AI score0.00105EPSS

Exploits1References4

OSV•added 2025/12/04 8:16 p.m.•1 views

CVE-2025-29268

ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library...

9.8CVSS5.8AI score0.00105EPSS

Exploits1References3